MUST READ

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

Security

Pierluigi Paganini March 31, 2016
The code to bypass Apple System Integrity Protection security mechanism fits in a Tweet

Apple failed in fixing the System Integrity Protection security mechanism and the exploits code released by a researcher fits in a Tweet . Last week security media reported a critical privilege escalation flaw (CVE-2016-1757) in the Apple System Integrity Protection (SIP) security mechanism, a vulnerability that was present at the time of the discovery in all the version […]

Pierluigi Paganini March 30, 2016
Following revelations on Paris attacks, US lawmakers target burner phones

Paris terrorists used burner phones and US lawmakers have proposed a bill that would force retailers to record the identity of the buyers of these devices. Law enforcement and intelligence agencies worldwide are fighting against terrorist organizations operating in their territories, but investigations are hampered by the use of encrypted communications. After the Paris attacks, intelligence agencies […]

Pierluigi Paganini March 28, 2016
1 million Gmail accounts victim of state-sponsored hacking

Google is improving its Gmail warning service to help protect the customers from state-sponsored hacking and surveillance activities. Google confirmed that one million Gmail accounts might have been targeted by nation-state hackers. The news is worrying, the company is observing a significant increase in the number of hacking attacks on user email accounts. Google announced […]

Pierluigi Paganini March 26, 2016
Bruxelles Attacks: Bombers spied a Nuclear Researcher

Terrorists behind Bruxelles attacks were spying on an eminent nuclear researcher planning a nuclear plant attack and the building of a dirty bomb. The news is disconcerting, the two brothers behind the Brussels attacks, Khalid and Ibrahim El Bakraoui, were also spying on an eminent researcher and were planning to build “dirty bomb.” The Belgium’s Federal […]

Pierluigi Paganini March 25, 2016
Google issued a new security update to fix flaws in Chrome 49

Google has issued a new security update for its Chrome 49 that patches a number of flaws, most of them discovered by external researchers. Google has updated Chrome 49 for all the available versions in order to patch several critical vulnerabilities, including the flaw discovered thanks its bounty program that were rewarded with dozen thousands of […]

Pierluigi Paganini March 24, 2016
The Apple System Integrity Protection feature bypassed

Security researchers from SentinelOne have discovered a security vulnerability affecting the Apple System Integrity Protection (SIP). Security researcher Pedro Vilaça from SentinelOne has discovered a security vulnerability ( CVE-2016-1757) affecting the Apple System Integrity Protection (SIP). The SIP is a security mechanism implemented by Apple in the OS X El Capitan operating system for the protection of certain […]

Pierluigi Paganini March 24, 2016
Patch Java immediately or attackers can hack you

The CVE-2016-0636 flaw affects Java SE running in web browsers on desktops, attackers can trigger it remotely to takeover your PC. Once again a serious security vulnerability affects the Java Oracle software, the new flaw coded as CVE-2016-0636 scored a 9.3 on the Common Vulnerability Scoring System bug severity rating. The CVE-2016-0636 vulnerability affects Java SE running in […]

Pierluigi Paganini March 23, 2016
Badlock, a severe flaw affects every version of Windows and Samba

Developers from Microsoft and Samba Team are working on a security patch to fix a severe vulnerability dubbed Badlock. Developers from Microsoft and Samba are working on a security patch to fix a severe vulnerability that affects almost every version of Windows and Samba. Samba, which is present in nearly all Linux distributions, is a free […]

Pierluigi Paganini March 23, 2016
UPDATED – Brussels explosions, dozens dead after blasts at Zaventem airport and Maalbeek metro

Brussels explosions, dozens dead after blasts at Zaventem airport and Maalbeek metro, it is a terror attack. Panic and chaos in the city. The IS claims the responsibility for the attack. This morning the Europe has fallen again in terror, just months after the Paris attacks a new wave of attacks hit the West. This morning a […]

Pierluigi Paganini March 23, 2016
Cyber attacks on systems at a water utility, a scaring reality

According to the recent Verizon breach digest for March 2016 hackers breached a water utility and manipulated systems for water treatment and flow control. The story that I’m telling you is very disturbing, according to the Verizon breach digest for March 2016 a group of hackers breached a water utility and manipulated systems for water treatment and flow […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

GlassWorm malware has resurfaced on the Open VSX registry

Malware / November 10, 2025

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

Security / November 10, 2025

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

Uncategorized / November 10, 2025

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

Malware / November 10, 2025

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

Hacking / November 10, 2025